| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
Self-signed certs and certs signed by an unknown certificate authority
are not so much a problem for sites hosted on onion services.
This patch alters the trust level for certs for onion sites, treating
them as trusted by default (for the purposes of cert chain
authentication). Other error conditions (expired certs, mismatched
domain, etc) still raise appropriate messages to the user.
|
| |
|
|
|
|
|
|
|
|
| |
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
|
| | |
|
| | |
|
| |
|
|
|
| |
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
|
| |
|
|
|
|
| |
r=VladBaicu, a=RyanVM"
This reverts commit 334f572f8b2113c464bd65e1282b7085a1dfb5eb.
|
| |
|
|
|
|
| |
This reverts commit 59d89229b68f8fbaa46e910a9bd03a6b26e8403e.
With #32470 we backported Mozilla's fix for this issue.
|
| |
|
|
|
|
|
|
|
| |
because it doesn't handle it properly. r=Standard8
Differential Revision: https://phabricator.services.mozilla.com/D50634
--HG--
extra : moz-landing-system : lando
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
multipart/form-data r=smaug
Using a weak RNG for the form boundary allows a website operator to perform several
attacks on users (as outlined in https://trac.torproject.org/projects/tor/ticket/22919)
These include:
- Identifying Windows users based on the unseeded RNG
- Identify the number of form submissions that have occurred cross-origin between same-origin submissions
Additionally, a predictable boundary makes it possible to forge a boundary in the middle
of a file upload.
Differential Revision: https://phabricator.services.mozilla.com/D56056
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
the content/content case r=smaug,zombie a=pascalc
As web extensions rely on this node adoption between content to content
documents, we want to continue allowing this capability to work for now.
Differential Revision: https://phabricator.services.mozilla.com/D50348
--HG--
extra : source : 78c33df33145bd63cd303264734d0b7d85151908
extra : histedit_source : 280627c1dba1ad7b8d82f5a315b5c2170bf3167b
|
| |
|
|
|
|
|
| |
Differential Revision: https://phabricator.services.mozilla.com/D43135
--HG--
extra : moz-landing-system : lando
|
| | |
|
| |
|
|
|
|
|
|
|
| |
moz-extension. r=rpl,Ehsan,tjr
Differential Revision: https://phabricator.services.mozilla.com/D47425
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
| |
r=JuniorHsu
Differential Revision: https://phabricator.services.mozilla.com/D54303
--HG--
extra : moz-landing-system : lando
|
| |
|
|
| |
This is a backport of the fix for Mozilla's bug 1591259.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CSS and JS changes to alter the UX surrounding letterboxing. The
browser element containing page content is now anchored to the bottom
of the toolbar, and the remaining letterbox margin is the same color
as the firefox chrome. The letterbox margin and border are tied to
the currently selected theme.
Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race
condition present when using the 'isEmpty' property. Using 'isEmpty'
as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary
letterboxing of about:blank tabs.
|
| |
|
|
|
|
|
|
|
|
| |
Spoof dom/dom.properties, layout/xmlparser.properties,
layout/MediaDocument.properties to en-US if needed.
Differential Revision: https://phabricator.services.mozilla.com/D46034
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
iframe for Letterboxing. r=johannh
This patch fixes the off-by-one-pixel issue of Letterboxing. For
FindBar, it will be created when the user requests it and will be hidden
if the user close it after that. The problem of the original approach is
that it only observes the existance of the FindBar element but not the
fact that whether or not it is visible. So, it will miscalculate the
offset of FindBar after it has been created and closed.
For devtools, the original approach adds one pixel offset for the
separator. However, this one pixel offset is not required since there is
no extra separator outside the devtools iframe. So, we don't need that
and this patch removes this one pixel for the devtools.
Differential Revision: https://phabricator.services.mozilla.com/D34156
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
| |
account r=johannh
Differential Revision: https://phabricator.services.mozilla.com/D31639
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
|
| |
`CreateSuffix` is irreversible by `PopulateFromSuffix` because it uses a multi-to-one mapping.
Since only ':' will happen in a IPv6 format, we can make it a 1-to-1 mapping so that the `firstPartyDomain` is consistent after `CreateSuffix` and `PopulateFromSuffix`.
Differential Revision: https://phabricator.services.mozilla.com/D47910
--HG--
extra : moz-landing-system : lando
|
| | |
|
| |
|
|
| |
--panel-disabled-color
|
| |
|
|
| |
torsettings.useProxy.checkbox in TorStrings.jsm
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The onURLBarUserStartNavigation callback expects an object
from the UrlBarInput with information about how a URL was
navigated to. This specifically helps to deal with the various
buttons and links in the UrlBar dropdown (search engines,
bookmarks, suggestions, etc).
However, when using 'Paste and go' this data is not present
nor relevant and an empty object {} is provided instead.
This also happens if the user types the 'verbose url' (for
example: https://www.example.com rather than www.example.com),
navigates away from the urlbar thus dismissing the dropdown,
then navigating back to the urlbar and hitting enter.
Pasting the less 'verbose url' causes the code to go down
another path which attempts to resolve the actual url before
attempting to call _loadURL with a null result object, rather
than an empty {} result object. In this scenario no exception
is thrown.
This patch explicitly passes null rather than implicitly
passing {} to _loadURL when a resolved 'verbose' url is entered
into the UrlBar via 'Paste and go' (as well as the previously
described type -> dismiss popup -> enter flow).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
this is no longer needed r=lsalzman
Bug 1460357 disabled AVX because gcc was generating unaligned instructions. But clang doesn't seem
to do that.
Differential Revision: https://phabricator.services.mozilla.com/D48072
--HG--
extra : moz-landing-system : lando
|
| | |
|
| | |
|
| |
|
|
|
| |
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
|
| |
|
|
|
|
| |
Fixed parseBridgeStrings function in parseFunctions.jsm to now discard
'bridge' string prefix in user-provided bridge strings. Also now
properly handling carriage returns ('\r') in bridge strings.
|
| |
|
|
|
|
|
| |
Fixed logic for when the Security Level panel is spawned based on input
to mirror behavior of Downloads, Library and Hamburger menus. The panel
now spawns on left-mouse button down, and on keyboard activation when
user presses 'space' or 'enter'.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Simply removed the 'clever' caching of the underlying toolbar button
element. Now, each time the button is needed it is queried from the
underlying document.
A correct, but more complicated, fix would be to determine when the
toolbar button had been moved to the overflow menu and then update our
cached reference. However, this would be super brittle and would
break once another way to move the toolbar button is added in the
future.
In the end, caching something so infrequently queried is not worth the
complexity.
|
| |
|
|
|
|
|
| |
panel
With ESR68 we needed to add a new is="text-link" attribute to label
elements used as hyperlinks
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
about:preferences#tor
This patch adds a new about:preferences#tor page which allows modifying
bridge, proxy, and firewall settings from within Tor Browser. All of the
functionality present in tor-launcher's Network Configuration panel is
present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
In addition the following changes have been made:
- The Networking Settings in General preferences has been removed
- TorStrings has been removed from the SecurityLevel component and
moved into a common shared module also used by about:preferences#tor
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid re-creating the hidden window, since this causes the nsMenuBarX
object that is associated with the app menu to be freed (which in
turn causes all of the app menu items to stop working).
More detail: There should only be one hidden window.
XREMain::XRE_mainRun() contains an explicit call to create the
hidden window and that is the normal path by which it is created.
However, when Tor Launcher's wizard/progress window is opened during
startup, a hidden window is created earlier as a side effect of
calls to nsAppShellService::GetHiddenWindow(). Then, when
XREMain::XRE_mainRun() creates its hidden window, the original one
is freed which also causes the app menu's nsMenuBarX object which
is associated with that window to be destroyed. When that happens,
the menuGroupOwner property within each Cocoa menu items's MenuItemInfo
object is cleared. This breaks the link that is necessary for
NativeMenuItemTarget's menuItemHit method to dispatch a menu item
event.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
|
| |
|
|
|
| |
Also added 'New circuit for this site' button to CustomizableUI, but
not visible by default.
|
| |
|
|
|
|
| |
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
|
| |
|
|
|
|
| |
Inside nonBrowserWindowStartup(), do not assume that XUL elements
that are only part of the Mac hidden window are available in all
non-browser windows.
|
| |
|
|
|
|
| |
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
|
| |
|
|
|
|
|
| |
Differential Revision: https://phabricator.services.mozilla.com/D43216
--HG--
extra : moz-landing-system : lando
|
| | |
|
| |
|
|
|
|
|
|
| |
Patching AboutNewTabService so that AboutNewTab is not loaded
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
|
| |
|
|
|
|
|
| |
On Linux and Windows, arrange for the updater to remove the old
meek and moat http helper profiles by adding appropriate directives
to browser/installer/removed-files.in (on macOS, the cleanup will
be done by Tor Launcher).
|
| |
|
|
|
|
|
|
|
| |
r=xeonchen
Differential Revision: https://phabricator.services.mozilla.com/D35033
--HG--
extra : moz-landing-system : lando
|
| |
|
|
|
|
|
|
|
|
|
| |
work r=VladBaicu
Now using lastURI instead of principal and now we are using the right functions in order to test permissions.
Differential Revision: https://phabricator.services.mozilla.com/D39190
--HG--
extra : moz-landing-system : lando
|
